package com.example.demo.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/test")
public class TestController {

    @GetMapping("/hello")
    @PreAuthorize("hasAuthority('test1')") //需要拥有test权限
    public String hello(){
        return "hello world!";
    }


    @GetMapping("/hello2")
    @PreAuthorize("@myEx.hasAuthority('test')") //自定义权限
    public String hello2(){
        return "hello world2!";
    }
}
